Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $response = "";
- function check_links() {
- global $response;
- if(isset($_POST["fb"])){
- $dirty_fb = $_POST["fb"]; //user supplied link
- $response .= check_fb($dirty_fb);
- }
- if(isset($_POST["tw"])){
- $dirty_tw = $_POST["tw"]; //user supplied link
- $response .= check_tw($dirty_tw);
- }
- if(isset($_POST["go"])){
- $dirty_go = $_POST["go"]; //user supplied link
- $response .= check_go($dirty_go);
- }
- if(isset($_POST["in"])){
- $dirty_in = $_POST["in"]; //user supplied link
- $response .= check_in($dirty_in);
- }
- if(isset($_POST["yt"])){
- $dirty_yt = $_POST["yt"]; //user supplied link
- $response .= check_yt($dirty_yt);
- }
- if(isset($_POST["pe"])){
- $dirty_pe = $_POST["pe"]; //user supplied link
- $response .= check_pe($dirty_pe);
- }
- echo $response;
- }
- function check_fb($dirty_fb) {
- global $db_conx;
- global $log_username;
- //remove anything before facebook.com using strstr()
- //clean url leaving alphanumerics : / _ . ? = only - required to remove facebook link format with /#!/
- $clean_url = strstr(preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_fb), 'facebook.com');
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- $safe_host = $parsed_url['host']; // safe host direct from parse_url = www.facebook.com
- // str_replace to switch any // to a / inside the returned path - required due to preg_replace process above
- $safe_path = str_replace("//", "/", ($parsed_url['path']));
- if ($safe_host == 'www.facebook.com' && $safe_path != '' && $safe_path != '/') {
- $link = $safe_host.$safe_path;
- $sql = "UPDATE useroptions SET facebook='$link' WHERE username='$log_username'";
- mysqli_query($db_conx, $sql);
- $var = "fb1|";
- return $var;
- } else if ($safe_host == 'www.facebook.com' && $safe_path == '') {
- $var = "fb2|";
- return $var;
- } else if ($safe_host == 'www.facebook.com' && $safe_path == '/') {
- $var = "fb3|";
- return $var;
- } else {
- $var = "fb4|";
- return $var;
- }
- }
- function check_tw($dirty_tw) {
- global $db_conx;
- global $log_username;
- //remove anything before twitter.com using strstr()
- //clean url leaving alphanumerics : / _ . ? = only
- $clean_url = strstr(preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_tw), 'twitter.com');
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- $safe_host = $parsed_url['host']; // safe host direct from parse_url
- // str_replace to switch any // to a / inside the returned path - required due to preg_replace process above
- $safe_path = str_replace("//", "/", ($parsed_url['path']));
- if ($safe_host == 'www.twitter.com' && $safe_path != '' && $safe_path != '/') {
- $link = $safe_host.$safe_path;
- $sql = "UPDATE useroptions SET twitter='$link' WHERE username='$log_username'";
- mysqli_query($db_conx, $sql);
- $var = "tw1|";
- return $var;
- } else if ($safe_host == 'www.twitter.com' && $safe_path == '') {
- $var = "tw2|";
- return $var;
- } else if ($safe_host == 'www.twitter.com' && $safe_path == '/') {
- $var = "tw3|";
- return $var;
- } else {
- $var = "tw4|";
- return $var;
- }
- }
- function check_go($dirty_go) {
- global $db_conx;
- global $log_username;
- //remove anything before google.com using strstr()
- //clean url leaving alphanumerics : / _ . ? = only
- $clean_url = strstr(preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_go), 'plus.google.com');
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- $safe_host = $parsed_url['host']; // safe host direct from parse_url
- // str_replace to switch any // to a / inside the returned path - required due to preg_replace process above
- $safe_path1 = str_replace("//", "/", ($parsed_url['path']));
- $safe_path2 = str_replace(":plus:","+", $safe_path1);
- if ($safe_host == 'www.plus.google.com' && $safe_path2 != '' && $safe_path2 != '/') {
- $link = $safe_host.$safe_path2;
- $sql = "UPDATE useroptions SET google='$link' WHERE username='$log_username'";
- mysqli_query($db_conx, $sql);
- $var = "go1|";
- return $var;
- } else if ($safe_host == 'www.plus.google.com' && $safe_path2 == '') {
- $var = "go2|";
- return $var;
- } else if ($safe_host == 'www.plus.google.com' && $safe_path2 == '/') {
- $var = "go3|";
- return $var;
- } else {
- $var = "go4|";
- return $var;
- }
- }
- function check_in($dirty_in) {
- global $db_conx;
- global $log_username;
- //remove anything before instagram.com using strstr()
- //clean url leaving alphanumerics : / _ . ? = only
- $clean_url = strstr(preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_in), 'instagram.com');
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- $safe_host = $parsed_url['host']; // safe host direct from parse_url
- // str_replace to switch any // to a / inside the returned path - required due to preg_replace process above
- $safe_path = str_replace("//", "/", ($parsed_url['path']));
- if ($safe_host == 'www.instagram.com' && $safe_path != '' && $safe_path != '/') {
- $link = $safe_host.$safe_path;
- $sql = "UPDATE useroptions SET instagram='$link' WHERE username='$log_username'";
- mysqli_query($db_conx, $sql);
- $var = "in1|";
- return $var;
- } else if ($safe_host == 'www.instagram.com' && $safe_path == '') {
- $var = "in2|";
- return $var;
- } else if ($safe_host == 'www.instagram.com' && $safe_path == '/') {
- $var = "in3|";
- return $var;
- } else {
- $var = "in4|";
- return $var;
- }
- }
- function check_yt($dirty_yt) {
- global $db_conx;
- global $log_username;
- //remove anything before youtube.com using strstr()
- //clean url leaving alphanumerics : / _ . ? = only
- $clean_url = strstr(preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_yt), 'youtube.com');
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- $safe_host = $parsed_url['host']; // safe host direct from parse_url
- // str_replace to switch any // to a / inside the returned path - required due to preg_replace process above
- $safe_path = str_replace("//", "/", ($parsed_url['path']));
- if ($safe_host == 'www.youtube.com' && $safe_path != '' && $safe_path != '/') {
- $link = $safe_host.$safe_path;
- $sql = "UPDATE useroptions SET youtube='$link' WHERE username='$log_username'";
- mysqli_query($db_conx, $sql);
- $var = "yt1|";
- return $var;
- } else if ($safe_host == 'www.youtube.com' && $safe_path == '') {
- $var = "yt2|";
- return $var;
- } else if ($safe_host == 'www.youtube.com' && $safe_path == '/') {
- $var = "yt3|";
- return $var;
- } else {
- $var = "yt4|";
- return $var;
- }
- }
- function check_pe($dirty_pe) {
- //clean url leaving alphanumerics : / . only
- $clean_url = preg_replace('#[^a-z0-9:/_.?=]#i', '', $dirty_pe);
- $parsed_url = parse_url("http://www.".$clean_url); //parse url to get brakedown of components
- return $parsed_url['host'].$parsed_url['path'];
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement